From fe7a59c7f94804df2051018c63ed5fa2d3c2d23f Mon Sep 17 00:00:00 2001
From: JonnyWong16 <9099342+JonnyWong16@users.noreply.github.com>
Date: Wed, 6 Dec 2023 23:09:32 -0800
Subject: [PATCH] Fix use UTC for JWT expiry and max-age for cookie

---
 plexpy/webauth.py | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/plexpy/webauth.py b/plexpy/webauth.py
index c3c3f7e2..cc6c6579 100644
--- a/plexpy/webauth.py
+++ b/plexpy/webauth.py
@@ -22,7 +22,7 @@
 
 from future.builtins import object
 
-from datetime import datetime, timedelta
+from datetime import datetime, timedelta, timezone
 from future.moves.urllib.parse import quote, unquote
 
 import cherrypy
@@ -378,7 +378,7 @@ class AuthController(object):
 
         if valid_login:
             time_delta = timedelta(days=30) if remember_me == '1' else timedelta(minutes=60)
-            expiry = datetime.now() + time_delta
+            expiry = datetime.now(tz=timezone.utc) + time_delta
 
             payload = {
                 'user_id': user_details['user_id'],
@@ -399,7 +399,7 @@ class AuthController(object):
 
             jwt_cookie = str(JWT_COOKIE_NAME + plexpy.CONFIG.PMS_UUID)
             cherrypy.response.cookie[jwt_cookie] = jwt_token
-            cherrypy.response.cookie[jwt_cookie]['expires'] = int(time_delta.total_seconds())
+            cherrypy.response.cookie[jwt_cookie]['max-age'] = int(time_delta.total_seconds())
             cherrypy.response.cookie[jwt_cookie]['path'] = plexpy.HTTP_ROOT.rstrip('/') or '/'
             cherrypy.response.cookie[jwt_cookie]['httponly'] = True
             cherrypy.response.cookie[jwt_cookie]['samesite'] = 'lax'